
GNOME Wants To Sandbox Applications Too

02-06-2013, 09:50 AM

Phoronix: GNOME Wants To Sandbox Applications Too

As another item that was discussed last week in Brussels during the GNOME Developer Hackfest is sandboxing of GNOME applications. GNOME developers already decided they want applications written in JavaScript but as another security measure they want to begin sandboxing applications...

Comment

So the GNOME and systemd cabal is pushing for an IPC mechanism in the kernel. Performance, security and features are probable gains. Can this go to mainline Linux? Maybe. Attempts have failed before, but this time it is another story.

Does everybody want a Linux IPC to rule them all? I doubt it.

Comment

Unlike a lot of the GNOME team's recent botched decisions, I don't actually think this is a horrible idea. I wouldn't mind seeing sandboxed apps in a desktop computing environment, if it was done without being too annoying.

Comment

In order to talk with the sandboxed app we need an IPC model that handles the domain transition between the namespaces. This implies the kernel being involved, so we have been looking (again) at getting some form of dbus routing support into the kernel. Hopefully this will work out this time.

We also talked about implementing something similar to the Intents system in Android as a way to allow sandboxed applications to communicate without necessarily knowing about each other. This essentially becomes a DBus service which keeps a registry of which apps implement the various interfaces we want to support (e.g. file picking, get-a-photo, share photo) and actually proxies the messages for these to the right destination. We had a long discussion about the name for these and came up with the name "Portals", reflecting the domain transition that these calls represent.
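
The portal idea described in the comment above, as an added toy model that is not GNOME code and does not touch D-Bus at all: a broker keeps a registry of which app provides which interface, checks a per-caller policy at the domain boundary, drops every request and reply field outside the interface's schema, and forwards the call so the sandboxed caller never names the destination app. Interface names, app ids, the field sets in SCHEMA and the photo-provider callback are all assumptions made for the illustration.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, Set, Tuple

# Hypothetical interface names; a real portal would use D-Bus interface names.
FILE_PICK = "org.example.portal.FilePicker"
GET_PHOTO = "org.example.portal.GetPhoto"

# Assumed per-interface schema: request fields the portal forwards, and
# reply fields it hands back.  Anything else is dropped at the boundary.
SCHEMA: Dict[str, Tuple[Set[str], Set[str]]] = {
    FILE_PICK: ({"title", "filter"}, {"uri"}),
    GET_PHOTO: ({"max_width"}, {"uri"}),
}


class PortalError(Exception):
    """Raised when the portal refuses to route a request."""


@dataclass
class Portal:
    # interface -> (provider app id, provider callback)
    registry: Dict[str, Tuple[str, Callable[[dict], dict]]] = field(default_factory=dict)
    # caller app id -> interfaces that caller may use
    policy: Dict[str, Set[str]] = field(default_factory=dict)
    # (caller, interface, provider) for every call that was routed
    audit: list = field(default_factory=list)

    def register(self, interface: str, app_id: str, handler: Callable[[dict], dict]) -> None:
        if interface not in SCHEMA:
            raise PortalError(f"unknown interface {interface}")
        if interface in self.registry:
            raise PortalError(f"{interface} already provided by {self.registry[interface][0]}")
        self.registry[interface] = (app_id, handler)

    def grant(self, caller: str, interface: str) -> None:
        self.policy.setdefault(caller, set()).add(interface)

    def call(self, caller: str, interface: str, request: dict) -> dict:
        # The caller names an interface, never a destination; the portal
        # alone knows the mapping, and it refuses before forwarding.
        if interface not in self.registry:
            raise PortalError(f"no provider for {interface}")
        if interface not in self.policy.get(caller, set()):
            raise PortalError(f"{caller} is not allowed to use {interface}")
        req_fields, reply_fields = SCHEMA[interface]
        clean_request = {k: v for k, v in request.items() if k in req_fields}
        app_id, handler = self.registry[interface]
        self.audit.append((caller, interface, app_id))
        reply = handler(clean_request)
        return {k: v for k, v in reply.items() if k in reply_fields}


def photo_app_get_photo(request: dict) -> dict:
    # Constructed provider: a photo manager answering GetPhoto.  It also
    # leaks an internal path in 'debug', which the portal must not pass back.
    width = request.get("max_width", 0)
    return {"uri": f"file:///home/user/Pictures/cat-{width}.jpg",
            "debug": "/home/user/.local/share/photos/db.sqlite"}


def demo() -> dict:
    portal = Portal()
    portal.register(GET_PHOTO, "org.example.Photos", photo_app_get_photo)
    portal.grant("org.example.Chat", GET_PHOTO)

    # The chat app asks for "a photo"; the 'destination' it tries to smuggle
    # in is outside the schema and never reaches the provider.
    reply = portal.call("org.example.Chat", GET_PHOTO,
                        {"max_width": 800, "destination": "org.example.Photos"})

    # A caller without a grant is refused at the boundary.
    try:
        portal.call("org.example.Untrusted", GET_PHOTO, {"max_width": 800})
        denied = False
    except PortalError:
        denied = True

    # An interface nobody registered is refused as well.
    try:
        portal.call("org.example.Chat", FILE_PICK, {"title": "Open"})
        unprovided = False
    except PortalError:
        unprovided = True

    return {"reply": reply, "denied": denied, "unprovided": unprovided,
            "audit": list(portal.audit)}


if __name__ == "__main__":
    print(demo())
```

The point of the model is that the only thing crossing the sandbox boundary is an interface name plus a schema-filtered payload; the provider's identity, its internal paths and any fields the interface does not define stay on the portal's side of the line.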

Comment

Ugh, I see no benefits and only downsides. It will be even slower, introduce new bugs, and provide no real security IMO. But this seems to be the trend in gnome, let's take what works well, break it, remove any useful features, add a 1000 new bugs, do tons of random pointless things, add features that are broken and useless and make it run as slow as humanly possible.

Ok, maybe I am exaggerating a bit. I have just gotten more and more annoyed with this sort of #@*(Y&(# over the last few years.

Hey, I got an idea: let's have all gnome apps written in a new scripting language, let's call it Magic Gnome Script (MGS); that script is then interpreted through a runner, written in javascript, running inside a special gnome app viewer, running in a virtual environment, running inside...